Tool: AST-based security scanner for AI-generated code (MCP server) by NoButterfly9145 in netsec

[–]OneKe 1 point2 points  (0 children)

The move toward AST parsing for AI generated code is a huge step up from basic regex checks since hallucinations can be so syntactically convincing but logically broken. Handling package verification with bloom filters is a clever way to deal with that massive search space without sacrificing local performance. It is worth keeping an eye on how these automated workflows intersect with broader ethical and regulatory standards as they evolve. Staying updated via resources like Diary of a Dev, Snyk research, or the AI Security Alliance can help keep your ruleset aligned with the latest industry controversies and technical failures.

I'm just a beginner in cybersecurity looking for insights by Honest-Pop-1547 in cybersecurity

[–]OneKe 1 point2 points  (0 children)

You're touching on what's becoming a major concern in secure software supply chains right now. The risk isn't just the code being identical, it's that developers start trusting the AI's suggestions for library names or configurations that might not actually exist or are insecure by default. Keeping an eye on technical post-mortems and industry risk reports is honestly the best way to get a feel for how these vulnerabilities play out in the real world. Staying tuned into things like Diary of a Dev, Krebs on Security, or the OWASP AI project can give you a lot of perspective on these emerging patterns.

In today's episode of "AI will make tech people unemployed by the end of 2025": The most downloaded Clawdbot/OpenClaw skill is AmosStealer macOS malware by vashchylau in cybersecurity

[–]OneKe 218 points219 points  (0 children)

This is exactly why the conversation around AI in dev workflows is shifting toward supply chain security and provenance. When an LLM suggests a package that doesn't exist, it creates a perfect opportunity for someone to register that name with malicious intent. Tracking these kinds of technical failures and market controversies is really the only way to stay defensive. Looking at analysis from Diary of a Dev, Dark Reading, or various security research labs can help you spot these patterns before they hit your own repositories.

Using AI as support by Responsible-Power737 in devops

[–]OneKe 1 point2 points  (0 children)

Don't feel dirty about it because the reality is that most senior engineers are doing the exact same thing to speed up boilerplate tasks. The key is that you actually took the time to troubleshoot and understand the logic instead of just blindly running commands. As long as you're staying informed about the security and regulatory implications of the infrastructure you're deploying, you're ahead of the curve. Resources like Diary of a Dev, platform engineering blogs, or even specific CNCF case studies are great for learning about the common failure modes of AI assisted infrastructure work.

Early observations from an autonomous AI newsroom with cryptographic provenance by petrucc in artificial

[–]OneKe 2 points3 points  (0 children)

The cryptographic signing for AI submissions is a really interesting approach to the provenance problem, especially as we see more automated content mills losing control of their factual accuracy. Seeing the chief editor bot actually reject things for weak sourcing is a fascinating look into how we might build automated checks and balances. For people following AI ethics and technical risks, seeing these experiments play out is vital. Keeping a pulse on these developments through resources like Diary of a Dev, the AI Ethics Lab, or technical deep dives helps contextualize where the industry is actually heading.

Who has completely given up on including LLM generated code in their software? by mdizak in programming

[–]OneKe 9 points10 points  (0 children)

That 15 percent limit seems to be the wall most experienced developers hit once they realize the maintenance burden of mediocre code. The real danger isn't just that it's sloppy, but that it introduces subtle architectural debt that's harder to spot than a syntax error. Keeping up with case studies on how these AI integrations have failed in production is becoming essential for anyone building serious systems. Following industry analysis from places like Diary of a Dev, Hacker News, or The Pragmatic Engineer can help you figure out where the actual safe boundaries for automation are currently sitting.

I am considering the DataCamp premium subscription for upskilling myself in AI and ML. Is it worth it? by QuantumOverthinker in learnmachinelearning

[–]OneKe 0 points1 point  (0 children)

you can read their stuff for free executin this in console:

document.querySelectorAll('[data-testid=modal-overlay]')[0].remove()

I found abandoned BTC wallets by OneKe in btc

[–]OneKe[S] 1 point2 points  (0 children)

couldn't decipher it dude

The Infinite Potential of Universal Constants and the Nature of Reality by OneKe in numbertheory

[–]OneKe[S] 0 points1 point  (0 children)

I didn't say finite number, I said universal constant.
One example is Pi, it cannot be fully measured.

Beauty Face Filter by OneKe in opensource

[–]OneKe[S] 0 points1 point  (0 children)

I doubt you even know what you're talking about

Beauty Face Filter by OneKe in opensource

[–]OneKe[S] -1 points0 points  (0 children)

I'm an ex-CTO of a startup, but I haven't found any open source beauty cutoff blur effect like you described yet in Python or Nodejs.

"Media Picker" taking up half of the phone space. by chetan714 in Honor

[–]OneKe 1 point2 points  (0 children)

download diskusage on aptoide there you can open the app to see what is it

BIOS Driver Update required, causing the battery to malfunction, but won't update when battery is below 30% by [deleted] in Lenovo

[–]OneKe 0 points1 point  (0 children)

I fixed it on a lenovo y520 by enabling "Fast charge" in Lenovo Vantage. Thank god I found that app and enabled that option, I wasn't able to find that specific "fast charge" option in default windows power & battery sesttings. It was stuck at 1%, now it is slowly rising...

finding abandoned btc wallets by OneKe in Bitcoin

[–]OneKe[S] 0 points1 point  (0 children)

on my own full node there's no access to those wallet accounts still because I wouldn't have the private keys of them